Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the issue where sk is released during the ADDADDR retransmission in mptcp pm. This can lead to sk...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mptcp: fixed the issue of re-injecting stale data from stale subflows. When the MPTCP Process Manager detects that a subflow is stale, the packet scheduler must re-inject all the unacknowledged data at the mptcp level. To avoid...

CVE-2026-43252

CVE-2026-43252 concerns the Linux kernel MPTCP subsystem (Multiswitch TCP). The issue arises in the in-kernel MPTCP path for removing endpoints, where code path __mark_subflow_endp_available/mptcp_pm_nl_fullmesh/mptcp_pm_nl_set_flags_all/mptcp_pm_nl_set_flags can trigger a kernel warning when a s...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the copying of an unregistered TCPv6 protocol during the MPTCP stream initialization process. Thi...

SUSE-SU-2026:1089-1 Security update for the Linux Kernel (Live Patch 14 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.65 fixes various security issues The following security issues were fixed: - CVE-2025-38488: smb: client: fix use-after-free in cryptmessage when using async crypto bsc1247240. - CVE-2025-40258: mptcp: fix race condition in...

SUSE-SU-2026:0943-1 Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise 15 SP7 RT)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.22 fixes various security issues The following security issues were fixed: - CVE-2025-40258: mptcp: fix race condition in mptcpschedulework bsc1255053. - CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed...

ROS-20260317-73-0026

A vulnerability in the mptcpdofallback function of the mptcp component of the mptcp component of the Linux operating system kernel involves an infinite loop. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Oracle Linux 9 : kernel (ELSA-2026-1143)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-1143 advisory. - Bluetooth: hcisock: Prevent race in socket write iter and sock bind CKI Backport Bot RHEL-139462 CVE-2025-68305 - dm: fix dmblkreportzones CKI Backpo...

PT-2026-2609

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to MPTCP Multipath TCP. A race condition exists in the handling of simultaneous connection synchronization-acknowledgment syn-ack packets,...

CVE-2023-54176 mptcp: stricter state check in mptcp_worker

In the Linux kernel, the following vulnerability has been resolved: mptcp: stricter state check in mptcpworker As reported by Christoph, the mptcp protocol can run the worker when the relevant msk socket is in an unexpected state: connect // incoming reset + fastclose // the mptcp worker is...

CVE-2023-54085

The CVE-2023-54085 entry concerns the Linux kernel MPTCP implementation. A NULL pointer dereference can occur on fastopen early fallback when a subflow context is deleted before returning the newly allocated socket to the caller; the fastopen path does not safely handle this dereferenced subflow ...

mptcp: do not queue data on closed subflows

...

SUSE-SU-2025:20355-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching bsc1242006. - CVE-2024-35840: mptcp: use OPTIONMPTCPMPJSYNACK in...

DEBIAN-CVE-2024-50185

In the Linux kernel, the following vulnerability has been resolved: mptcp: handle consistently DSS corruption Bugged peer implementation can send corrupted DSS options, consistently hitting a few warning in the data path. Use DEBUGNET assertions, to avoid the splat on some builds and handle...

SUSE CVE-2023-52778

In the Linux kernel, the following vulnerability has been resolved: mptcp: deal with large GSO size After the blamed commit below, the TCP sockets and the MPTCP subflows can build egress packets larger than 64K. That exceeds the maximum DSS data size, the length being misrepresent on the wire and...